using vector to send JSON-formatted nginx logs to ClickHouse
for some particular case i need to log and later analyze POST bodies of HTTP requests sent via nginx reverse proxy. ClickHouse will store the logs and be useful in analysis.
.pQd
using clickhouse-local to analyze archived log files
at work we’re hoarding log files. it’s a low-cost, low-tech solution: btrfs, some python script archiving /var/log/*.log, *.1 from hundreds of servers. we have a peace of mind that whatever it is – as long as it’s logging to that folder – we’ll have an archive of it. till now, whenever there was a need ... Read More
debian installer not detecting built-in nvme drive
i’m trying to set up debian 12 on a laptop [ dell latitude 7400 ]. pendrive ready but.. the installer detects only pendrive and no NVMe that holds Windows 11. why? it turns out bios had Raid mode configured for the intel storage controller – as described here. how to reconfigure it without ruining ability ... Read More
playing with min.io cluster
min.io is open source [ although AGPL-3 licensed ] object storage software providing s3-compatible interface and handling clustering for HA & data distribution. below – notes from setting it up on a tiny scale, without using Kubernetes. notes are based on RELEASE.2023-03-24T21-41-23Z i’ve fetched two binaries for the project: my cluster has 4 nodes, looks ... Read More
mental models and alike
https://fs.blog/tgmm https://perell.com/essay/50-ideas-that-changed-my-life https://en.wikipedia.org/wiki/List_of_cognitive_biases https://en.wikipedia.org/wiki/List_of_fallacies
restarting from cron users’s service with a random delay
sometimes things are not as stable and not-leaky as they should be.
temporarily speeding up IO performance for KVM VM
i have few VMs running on top of spinning rust. recently i’ve upgraded one of them to not-yet-stable debian bookworm. upgrade would be pretty slow but.. i’ve edited the VM definition and asked KVM to allow host server to cache any IO operations. speedup was great, bullseye->bookworm upgrade finished in less than 5 minutes. for ... Read More
using hardware tokens to secure SSH, MS365 logins
i’ve done a bit of research, below – my understanding of the current state of affairs [ 2023-03 ]. i’m writing this while testing YubiKey 5 NFC, but consider different alternatives. SSH why: i’m considering an attack vector where malicious actor has remote control of my PC – can lift up arbitrary files [ including ... Read More
re-parenting a shell command
let’s say you’ve logged in via ssh to some server and started some long running command. minutes or hours later you’ve realized that you did not run it under screen or tmux – so that command will die once your ssh connection is closed. today i’ve learned about reptyr which can help with that – ... Read More
squid-based forward proxy that accepts incoming tls-encrypted connections
we needed to do some interoperability testing, and for that we had to allow http client application to talk with http proxy via secure channel. on debian 11 i had to install package squid-openssl and add this line in /etc/squid/squid.conf: the ssl cert was generated by certbot certonly. that’s how i tested it:
getting unique string stats for large file; where data has small cardinality
sadly, not all of our logs are in clickhouse, meaning chewing them can be time consuming and not-so-fun.
MySQL / MariaDB login audit
once in a while i need to review which database accounts are used, from what IPs connections arrive. MySQL / MariaDB does not have built-in mechanism [ unless you want to allow full query log ], but there’s quite easy way to get the data.
online tools to test your mail infrastructure
once in a while i’m involed in moving mail servers around, to and from the could. those tools are useful each time it’s done: also related – a deep dive into e-mail delivery in 2024.
rsync with more efficient compression, hash algorithm
rsync 3.2.0 and newer supports more compression and hash algorithms. zstd compression is well suited for slower network connections [ tens mbit/s ], lz4 – for faster. xxh3 hash is worth using regardless of the network speed. syntax:
nrpe’s check_http – POSTing a file
i needed to monitor some service available via HTTP, this service is expecting to get a file posted – as if it was submitted via HTML form. so the file’s content is in the POST body, wrapped in Content-Type: multipart/form-data and stored between boundaries. Is it possible to simulate via check_http? yes!
Best Practical’s RT – recovering specific tickets from backups
I needed to recover a particular, old and already shredded, RT ticket from a backup to web interface. I’ve restored the database to a separate server and run those commands to get INSERT statements for two tickets i was interested in – 69187, 100112: To be on the safe side – always recover to a ... Read More
mysqldump headaches
over the years i’ve set up multiple backup workflows. one of them is described here. part of the cycles involves taking database backups. for MySQL i’m mostly using mysqldump. it comes with some headaches: it’s single-threaded by nature – both for backup, and restore [ unless you chop the dump file into pieces and try ... Read More
colorized side-by-side diff in console
this one does the trick for me:
WordPress’ Gutenberg editor failing to save anything
i’ve run into an odd situation – wordpress was working just fine yet the new / Gutenberg editor did not save anything. No errors, but also no content saved – the only thing that was left was ‘Auto Draft’ with an empty content. i’ve tracked it down to fact that .htaccess was not actually used ... Read More